trashbin/bintrash.php

152 lines
5.1 KiB
PHP
Raw Permalink Normal View History

2014-07-07 08:54:45 +00:00
<?php
$BASE_DIR = "";
require("include/config.inc.php");
require("include/cleanup.inc.php");
2016-07-18 17:50:43 +00:00
if(isset($_POST['action'])) {
if ($_POST['action'] == "upload") {
if ($_FILES['upfile']['size'] > 0) {
switch ($_POST['validity']) {
2014-07-07 08:54:45 +00:00
case 1:
$expire = time() + 30 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 2:
$expire = time() + 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 3:
$expire = time() + 12 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 4:
$expire = time() + 24 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 5:
$expire = time() + 7 * 24 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 6:
$expire = time() + 31 * 24 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 7:
$expire = time() + 3 * 31 * 24 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 8:
$expire = time() + 6 * 31 * 24 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
case 9:
$expire = time() + 12 * 31 * 24 * 60 * 60;
2016-07-18 17:50:43 +00:00
break;
2014-07-07 08:54:45 +00:00
}
// eine id erstellen
$file_id = mkhash();
2016-07-18 17:50:43 +00:00
2014-07-07 08:54:45 +00:00
// einen eindeutigen dateinamen erstellen
2016-07-18 17:50:43 +00:00
$file_localname = md5($_FILES['upfile']['name'] + time());
2014-07-07 08:54:45 +00:00
2016-07-18 17:50:43 +00:00
if (move_uploaded_file($_FILES['upfile']['tmp_name'], $uploaddir . $file_localname)) {
2014-07-07 08:54:45 +00:00
$db->query("INSERT INTO files
(pid,timest,expire,file,name,mime,size) VALUES
2016-07-18 17:50:43 +00:00
('{$file_id}','" . time() . "','{$expire}','{$file_localname}',
2014-07-07 08:54:45 +00:00
'{$_FILES['upfile']['name']}','{$_FILES['upfile']['type']}','{$_FILES['upfile']['size']}')");
2016-07-18 17:50:43 +00:00
chmod($uploaddir . $file_localname, 0777);
header("Location: {$_SERVER['PHP_SELF']}?fileid=" . $file_id);
} else {
2014-07-07 08:54:45 +00:00
header("Location: {$_SERVER['PHP_SELF']}?code=1");
}
2016-07-18 17:50:43 +00:00
} else {
2014-07-07 08:54:45 +00:00
print_r($_FILES);
header("Location: {$_SERVER['PHP_SELF']}?code=2");
}
}
2016-07-18 17:50:43 +00:00
}
2014-07-07 08:54:45 +00:00
else if(isset($_GET['fileid'])) {
header("X-Trash-File: " . $base_url ."b/{$_GET['fileid']}");
include("include/header.php");
$spid = $db->escape($_GET['fileid']);
$result = $db->query("SELECT * FROM files WHERE pid = '{$spid}'");
if($db->num_rows($result)) {
$row = $db->fetch_assoc($result);
echo "<p>Hier die gew&uuml;nschte Datei:</p>";
echo "Fuer Foren etc: ";
$compatible_url = $base_url . "b/{$_GET['fileid']}/{$row['name']}";
echo "<a href=\"{$compatible_url}\">{$compatible_url}</a>";
echo "<br/><br/>oder verschiedene Formen hier: <br/>";
$compatible_url = $base_url . "b/{$_GET['fileid']}";
echo "<a href=\"{$compatible_url}\">{$compatible_url}</a><br/>";
if(strpos($row['name'],".") >0) {
$compatible_url = $base_url . "b/{$_GET['fileid']}/" . substr($row['name'],0,strrpos($row['name'],".")) . "_" . round($row['size']/1024,2) ."kb" . substr($row['name'],strrpos($row['name'],".")) ;
echo "<a href=\"{$compatible_url}\">{$compatible_url}</a><br/>";
}
}
else {
echo "Datei nicht gefunden!";
}
include("include/footer.php");
}
elseif(isset($_GET['download'])) {
$spid = $db->escape($_GET['download']);
$pos = strpos($spid,"/");
if($pos > 0 ) $spid = substr($spid,0, $pos);
$result = $db->query("SELECT * FROM files WHERE pid = '{$spid}'");
if($db->num_rows($result)) {
$row = $db->fetch_assoc($result);
$db->query("UPDATE files SET downloads = '".($row['downloads']+1)."' WHERE id = '{$row['id']}'");
if($row['mime']=="") {
$content = "application/octet-stream";
header("Content-Disposition: attachment; filename=".$row['name']);
}
else {
$content = $row['mime'];
header("Content-Disposition: filename=".$row['name']);
}
header("Content-Type: " . $content);
$fp = fopen($uploaddir . $row['file'],"r");
while(!feof($fp)) {
echo fgets($fp,1024);
}
fclose($fp);
}
die();
}
else {
include("include/header.php");
2016-07-18 17:50:43 +00:00
if (isset($_GET['code'])) {
switch($_GET['code']) {
case "1":
echo "<p>Datei konnte nicht Kopiert werden!</p>";
break;
case "2":
echo "<p>Keine Datei angegeben oder Datei zu gross!</p>";
break;
}
2014-07-07 08:54:45 +00:00
}
?>
<form name="ul" action="<?php echo $_SERVER['PHP_SELF']; ?>" method="post" enctype="multipart/form-data"
onsubmit="document.ul.u.value='Bitte warten ...';document.ul.u.disabled=true" >
<input type="hidden" name="action" value="upload" />
2016-07-18 17:50:43 +00:00
Dateien bis max. <?php echo ini_get('post_max_size'); ?>:<br/>
2014-07-07 08:54:45 +00:00
<input type="file" name="upfile" /><br /><br />
G&uuml;ltigkeit:
<select name="validity" size="1">
<option value="1">30 Minuten</option>
<option value="2" selected="selected">60 Minuten</option>
<option value="3">12 Stunden</option>
<option value="4">24 Stunden</option>
<option value="5">1 Woche</option>
<option value="6">1 Monat</option>
<!-- <option value="7">3 Monate</option>
<option value="8">6 Monate</option>
<option value="9">12 Monate</option>-->
</select> <input name="u" type="submit" value="Hochladen" />
</form>
<?php
include("include/footer.php");
}
?>